kubeadm으로 쿠버네티스 설치-1.32버전

CRI-O 엔진 사용

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

sudo modprobe overlay
sudo modprobe br_netfilter

# 필요한 sysctl 파라미터를 설정하면, 재부팅 후에도 값이 유지된다.
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF

# 재부팅하지 않고 sysctl 파라미터 적용하기
sudo sysctl --system

swapoff -a && sed -i '/swap/s/^/#/' /etc/fstab

KUBERNETES_VERSION=v1.32
CRIO_VERSION=v1.32

# Add the Kubernetes repository
cat <<EOF | tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/$KUBERNETES_VERSION/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/$KUBERNETES_VERSION/rpm/repodata/repomd.xml.key
EOF

# Add the CRI-O repository
cat <<EOF | tee /etc/yum.repos.d/cri-o.repo
[cri-o]
name=CRI-O
baseurl=https://pkgs.k8s.io/addons:/cri-o:/stable:/$CRIO_VERSION/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/addons:/cri-o:/stable:/$CRIO_VERSION/rpm/repodata/repomd.xml.key
EOF

# Set SELinux in permissive mode (effectively disabling it)
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# /etc/hosts 파일수정
192.168.111.100 master
192.168.111.101 node1
192.168.111.102 node2
192.168.111.103 node3

#방화벽을 끄던가 포트를 열어줘야 함.

https://github.com/cri-o/packaging/blob/main/README.md#usage

packaging/README.md at main · cri-o/packaging

https://every-up.tistory.com/84

[kubernetes] CRI-O 설치하기

https://every-up.tistory.com/85

[kubernetes] kubeadm init "found multiple CRI endpoints on the host" 오류

https://kubernetes.io/blog/2023/08/15/pkgs-k8s-io-introduction/

pkgs.k8s.io: Introducing Kubernetes Community-Owned Package Repositories

열어줘야할 포트번호

https://kubernetes.io/docs/reference/networking/ports-and-protocols/

Ports and Protocols

 

"found multiple CRI endpoints on the host" 오류는 시스템에 여러 개의 CRI(Container Runtime Interface) 엔드포인트가 존재할 때 발생하는 문제

해결 방법

1. 컨테이너 런타임 소켓을 확인합니다.

• /var/run/dockershim.sock
• /var/run/containerd/containerd.sock
• /var/run/crio/crio.sock

CRI-O

This section contains the necessary steps to install CRI-O as a container runtime.

To install CRI-O, follow CRI-O Install Instructions.

cgroup driver

CRI-O uses the systemd cgroup driver per default, which is likely to work fine for you. To switch to the cgroupfs cgroup driver, either edit /etc/crio/crio.conf or place a drop-in configuration in /etc/crio/crio.conf.d/02-cgroup-manager.conf, for example:

[crio.runtime]
conmon_cgroup = "pod"
cgroup_manager = "cgroupfs"

You should also note the changed conmon_cgroup, which has to be set to the value pod when using CRI-O with cgroupfs. It is generally necessary to keep the cgroup driver configuration of the kubelet (usually done via kubeadm) and CRI-O in sync.

In Kubernetes v1.28, you can enable automatic detection of the cgroup driver as an alpha feature. See systemd cgroup driver for more details.

For CRI-O, the CRI socket is /var/run/crio/crio.sock by default.

Overriding the sandbox (pause) image

In your CRI-O config you can set the following config value:

[crio.image]
pause_image="registry.k8s.io/pause:3.6"

This config option supports live configuration reload to apply this change: systemctl reload crio or by sending SIGHUP to the crio process

https://kubernetes.io/docs/setup/production-environment/container-runtimes/#cri-o

Container Runtimes

네트워크는 calico 설치

https://docs.tigera.io/calico/latest/getting-started/kubernetes/quickstart

Quickstart for Calico on Kubernetes | Calico Documentation

https://kubernetes.io/docs/concepts/cluster-administration/addons/#networking-and-network-policy

 

설치 완료